1. Field of the Invention
This invention relates to the field of data processing systems. More particularly, this invention relates to malware scanning within data processing systems, such as scanning for computer viruses, Trojans, banned computer files and banned content.
2. Description of the Prior Art
It is known to provide malware scanners that read stored computer files and compare those files with data defining known types of malware to see if the computer files contain such malware. Such scanners can operate in an on-demand mode where all the files upon a storage device, or a specified group of such files, are scanned for malware one after the other as a unitary task. Such on-demand scans can take many hours to run. As the volume of data being stored on storage devices increases and the number of malware threats also increases, the amount of processing associated with such on-demand scans is also rapidly increasing such that the time taken to conduct such on-demand scans often exceeds the idle time available, such as an overnight or over-weekend period. Another type of scan is an on-access scan which operates to scan a computer file for malware as it is accessed, either as it is being written to a storage device or before it is read from a storage device. While such on-access scanning is effective, it can introduce a disadvantageous extra amount of processing and consequent delay in what can be critical timing paths. In order to deal with this, on-access scanners may be configured such that files are only scanned as they are written to a storage device, but are not scanned as they are read from a storage device. However, even in these circumstances when a large number of computer files need to be written to a storage device in a short period of time, the necessary on-access scanning for malware within those computer files can introduce a significant and disadvantageous delay.